Ah, the security vulnerability that was used in the Google attack. It's been around the internet about a million times now, and even governments havestarted advising people to move away from Internet Explorer. As is usually the case, however, the internet has really blown the vulnerability out of proportion. I'll get right to it: if your machine and/or network has been compromised via this vulnerability, then you most likely had it coming. No sympathy for you.

the reference to a random location of freed memory could result in execution of the attacker's code.

How can this possibly work? Seriously, if a reference to a deleted object does magic such as this, that is really bad as the object has been deleted, the memory is free and anything can now be stored in the same location once it's been freed. Perhaps if the address stored in the pointer is not cleared, in other words the pointer is not set to NULL, the memory location referenced by the pointer gets filled with something else - the malicious code from outside. May be they have forgotten to NULL the pointer!